Home page logo
/

132 messages starting Jan 31 13 and ending Jan 22 13
Date index | Thread index | Author index

Adam Laurie

marc4dasm - Atmel MARC microprocessor disassembler published Adam Laurie (Jan 31)

advisory

Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart advisory (Jan 09)
Remote Buffer Overflow Vulnerability in Samsung Kies advisory (Jan 09)
Nero MediaHome Multiple Remote DoS Vulnerabilities advisory (Jan 09)
Cross-Site Scripting (XSS) vulnerability in gpEasy advisory (Jan 24)
SQL Injection Vulnerability in ImageCMS advisory (Jan 24)

Andrea Fabrizi

Buffalo TeraStation TS-Series multiple vulnerabilities Andrea Fabrizi (Jan 31)

Apple Product Security

APPLE-SA-2013-01-28-1 iOS 6.1 Software Update Apple Product Security (Jan 29)
APPLE-SA-2013-01-28-2 Apple TV 5.2 Apple Product Security (Jan 29)

Arne Vidström

Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee) Arne Vidström (Jan 10)

Asterisk Security Team

AST-2012-014: Crashes due to large stack allocations when using TCP Asterisk Security Team (Jan 03)
AST-2012-015: Denial of Service Through Exploitation of Device State Caching Asterisk Security Team (Jan 03)

auto-bulletins

(AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days auto-bulletins (Jan 21)

Beni_vanda

Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Beni_vanda (Jan 10)

cfp

AthCon 2013 CFP OPEN cfp (Jan 01)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability Cisco Systems Product Security Incident Response Team (Jan 09)
Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability Cisco Systems Product Security Incident Response Team (Jan 09)
Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jan 16)
Cisco Security Advisory Update v1.1: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability Cisco Systems Product Security Incident Response Team (Jan 17)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Jan 24)
Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities Cisco Systems Product Security Incident Response Team (Jan 30)

cve-id-change

CVE ID Syntax Change - Call for Public Feedback cve-id-change (Jan 24)

cwggenius

Simple Webserver 2.3-rc1 Directory Traversal cwggenius (Jan 03)

DefenseCode

DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit DefenseCode (Jan 10)
Looking for security contacts DefenseCode (Jan 22)
DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability DefenseCode (Jan 31)

devnull

Multiple Vulnerabilities in Linksys WRT54GL devnull (Jan 21)

Egidio Romano

[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability Egidio Romano (Jan 29)

Fernando Gont

Recently-revised IETF I-Ds about IPv6 security Fernando Gont (Jan 21)
IPv6: How to avoid security issues with VPN leaks on dual-stack networks Fernando Gont (Jan 24)

fineuploader

Re: Wordpress Valums Uploader - File Upload Vulnerability fineuploader (Jan 29)

Florian Weimer

[SECURITY] [DSA 2602-1] zendframework security update Florian Weimer (Jan 08)
[SECURITY] [DSA 2607-1] qemu-kvm security update Florian Weimer (Jan 15)
[SECURITY] [DSA 2608-1] qemu security update Florian Weimer (Jan 15)
[SECURITY] [DSA 2609-1] rails security update Florian Weimer (Jan 17)

Hafez Kamal

[HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb Hafez Kamal (Jan 22)

Henri Salo

Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Henri Salo (Jan 11)

i

CVE-2013-1402 - DigiLIBE Management Console - Execution After Redirect (EAR) Vulnerability i (Jan 22)

i () amroot com

CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF) i () amroot com (Jan 04)
CVE-2012-6494 - Nexpose Security Console - Session Hijacking i () amroot com (Jan 04)

illSecResearchGroup

Wordpress Developer Formatter CSRF Vulnerability illSecResearchGroup (Jan 22)
WordPress SolveMedia 1.1.0 CSRF Vulnerability illSecResearchGroup (Jan 25)

Include Security Research

Arbitrary File Upload and Code Execution in Accusoft Prizm Content Connect Include Security Research (Jan 14)

Inshell Security

[IA33] Serva v2.0.0 DNS Server Remote Denial of Service Inshell Security (Jan 14)
[IA34] Serva v2.0.0 HTTP Server GET Remote Denial of Service Inshell Security (Jan 14)

Jan Lehnardt

CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows Jan Lehnardt (Jan 14)
CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI Jan Lehnardt (Jan 14)
CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash Jan Lehnardt (Jan 14)

jason . doyle

CVE-2012-6452 Axway Secure Messenger Username Disclosure jason . doyle (Jan 18)

Jonathan Brossard

NoSuchCon CFP / 15-17 May 2013 / Paris, France Jonathan Brossard (Jan 21)

king cope

New Blog Post: Attacking the Windows 7/8 Address Space Randomization king cope (Jan 24)

Kotas, Kevin J

Updated - CA20121018-01: Security Notice for CA ARCserve Backup Kotas, Kevin J (Jan 14)

Kurt Seifried

Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption Kurt Seifried (Jan 01)
Re: GnuPG 1.4.12 and lower - memory access errors and keyring database corruption Kurt Seifried (Jan 02)

Major Malfunction

DC4420 - 2013 CFP Major Malfunction (Jan 16)
DC4420 - London DEFCON - January 2013 meet. Tuesday 29th January 2013 Major Malfunction (Jan 23)
Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images Major Malfunction (Jan 31)

marcelavbx

Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin marcelavbx (Jan 21)

mbsdtest01

Chrome for Android - UXSS via com.android.browser.application_id Intent extra mbsdtest01 (Jan 07)
Chrome for Android - Download Function Information Disclosure mbsdtest01 (Jan 07)
Chrome for Android - Android APIs exposed to JavaScript mbsdtest01 (Jan 07)
Chrome for Android - Bypassing SOP for Local Files By Symlinks mbsdtest01 (Jan 07)
Chrome for Android - Cookie theft from Chrome by malicious Android app mbsdtest01 (Jan 07)
Facebook for Android - Information Diclosure Vulnerability mbsdtest01 (Jan 07)

Moritz Muehlenhoff

[SECURITY] [DSA 2598-1] weechat security update Moritz Muehlenhoff (Jan 07)
[SECURITY] [DSA 2603-1] emacs23 security update Moritz Muehlenhoff (Jan 09)
[SECURITY] [DSA 2612-1] ircd-ratbox security update Moritz Muehlenhoff (Jan 25)

Moritz Naumann

XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") Moritz Naumann (Jan 29)

muztapha

Charybdis: Improper assumptions in the server handshake code may lead to a remote crash muztapha (Jan 01)

n1s0o

Adobe Reader XI versions are vulnerable to a heap overflow n1s0o (Jan 29)

Nico Golde

[SECURITY] [DSA 2597-1] rails security update Nico Golde (Jan 07)
[SECURITY] [DSA 2600-1] cups security update Nico Golde (Jan 07)

NSO Research

NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/) NSO Research (Jan 17)
NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/) NSO Research (Jan 17)

Paolo Perego

Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Paolo Perego (Jan 16)

psiinon

OWASP Zed Attack Proxy 2.0.0 psiinon (Jan 31)

rgilbert

Re: [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities rgilbert (Jan 16)
Re: [CVE-ID REQUEST] vBulletin - Multiple Open Redirects rgilbert (Jan 16)

roberto

Unauthenticated remote access to D-Link DCS cameras roberto (Jan 29)

Rustein, Fara Denise \(LATCO - Buenos Aires\)

Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting (XSS) vulnerability Rustein, Fara Denise \(LATCO - Buenos Aires\) (Jan 15)

SBV Research

OrangeHRM 2.7.1 Vacancy Name Persistent XSS SBV Research (Jan 10)

SEC Consult Vulnerability Lab

SEC Consult SA-20130122-0 :: F5 BIG-IP XML External Entity Injection vulnerability SEC Consult Vulnerability Lab (Jan 22)
SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability SEC Consult Vulnerability Lab (Jan 22)
SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products SEC Consult Vulnerability Lab (Jan 24)

Secunia Research

Secunia Research: Oracle Outside In Technology Paradox Database Handling Denial of Service Secunia Research (Jan 17)
Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow Secunia Research (Jan 17)

security

[ MDVSA-2013:001 ] gnupg security (Jan 02)
[ MDVSA-2013:002 ] firefox security (Jan 09)
[ MDVSA-2013:003 ] rootcerts security (Jan 09)
[ MDVSA-2013:004 ] tomcat5 security (Jan 10)
[ MDVSA-2013:005 ] perl security (Jan 29)

Security Alert

ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability Security Alert (Jan 08)
ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities Security Alert (Jan 21)
ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability Security Alert (Jan 29)

security_alert

Re: EMC Avamar: World writable cache files security_alert (Jan 21)

security-alert

[security bulletin] HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Jan 07)
[security bulletin] HPSBUX02829 SSRT100883 rev.1 - HP-UX Running X Font Server (xfs) Software, Local Denial of Service (DoS), Unauthorized Access security-alert (Jan 08)
[security bulletin] HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS) security-alert (Jan 11)
[security bulletin] HPSBMU02841 SSRT100724 rev.1 - HP Diagnostics Server, Remote Execution of Arbitrary Code security-alert (Jan 23)
[security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS) security-alert (Jan 31)

Security Explorations

[SE-2012-01] 'Fix' for Issue 32 exploited by new Java 0-day code Security Explorations (Jan 11)
[SE-2012-01] Java 7 Update 11 confirmed to be vulnerable Security Explorations (Jan 21)
Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable Security Explorations (Jan 22)
[SE-2012-01] An issue with new Java SE 7 security features Security Explorations (Jan 29)

Shakacon

ShakaCon 2013 - Call for Papers Shakacon (Jan 02)

Slackware Security Team

[slackware-security] mozilla-firefox (SSA:2013-009-01) Slackware Security Team (Jan 10)
[slackware-security] seamonkey (SSA:2013-009-03) Slackware Security Team (Jan 10)
[slackware-security] mozilla-thunderbird (SSA:2013-009-02) Slackware Security Team (Jan 10)
[slackware-security] freetype (SSA:2013-015-01) Slackware Security Team (Jan 16)
[slackware-security] mysql (SSA:2013-022-01) Slackware Security Team (Jan 23)

Stefan Kanthak

Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069 Stefan Kanthak (Jan 21)

stephan . rickauer

CVE-2013-0805 / CSNC-2013-001 stephan . rickauer (Jan 24)

Thijs Kinkhorst

[SECURITY] [DSA 2599-1] nss security update Thijs Kinkhorst (Jan 07)
[SECURITY] [DSA 2604-1] rails security update Thijs Kinkhorst (Jan 09)
[SECURITY] [DSA 2606-1] proftpd-dfsg security update Thijs Kinkhorst (Jan 14)
[SECURITY] [DSA 2605-1] asterisk security update Thijs Kinkhorst (Jan 14)
[SECURITY] [DSA 2605-2] asterisk regression update Thijs Kinkhorst (Jan 21)
[SECURITY] [DSA 2613-1] rails security update Thijs Kinkhorst (Jan 30)

Timo Juhani Lindfors

Aastra IP Telephone encrypted .tuz configuration file leakage Timo Juhani Lindfors (Jan 03)

todb

CFP: InfoSec Southwest 2013 todb (Jan 07)

Vulnerability Lab

Wordpress Valums Uploader - File Upload Vulnerability Vulnerability Lab (Jan 22)
nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities Vulnerability Lab (Jan 29)
Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities Vulnerability Lab (Jan 29)
Kohana Framework v2.3.3 - Directory Traversal Vulnerability Vulnerability Lab (Jan 29)

Walter Belgers

CFP Observe. Hack. Make. Walter Belgers (Jan 31)

Williams, James K

CA20121220-01: Security Notice for CA IdentityMinder [updated] Williams, James K (Jan 21)

YGN Ethical Hacker Group

Re: CubeCart 5.0.7 and lower versions | Insecure Backup File Handling YGN Ethical Hacker Group (Jan 01)
CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Jan 01)
CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities YGN Ethical Hacker Group (Jan 01)
TomatoCart 1.x | Unrestricted File Creation YGN Ethical Hacker Group (Jan 04)

Yves-Alexis Perez

[SECURITY] [DSA 2610-1] ganglia security update Yves-Alexis Perez (Jan 22)
[SECURITY] [DSA 2611-1] movabletype-opensource security update Yves-Alexis Perez (Jan 22)
Previous period Next period
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]